Created
September 15, 2016 12:18
Amazon Linux init.d Functions
# -*-Shell-script-*- | |
# | |
# functions This file contains functions to be used by most or all | |
# shell scripts in the /etc/init.d directory. | |
# | |
# Text domain bash uses to look up translations of the $"..." strings below.
TEXTDOMAIN=initscripts

# Make sure umask is sane: files created by init scripts are not group- or
# world-writable by default.
umask 022

# Set up a default search path. This replaces whatever PATH the caller had
# with a fixed list of system directories, so commands run by init scripts are
# not resolved through a caller-controlled search path.
PATH="/sbin:/usr/sbin:/bin:/usr/bin"
export PATH

# Get a sane screen width.
if [ -z "${COLUMNS:-}" ]; then
  COLUMNS=80
fi

# Ask /sbin/consoletype what we are attached to, unless the caller already
# provided CONSOLETYPE.
if [ -z "${CONSOLETYPE:-}" ]; then
  CONSOLETYPE="$(/sbin/consoletype)"
fi

# Source the locale setup when /etc/sysconfig/i18n exists, NOLOCALE is not set
# and lang.sh has not been sourced already.
if [ -f /etc/sysconfig/i18n ] && [ -z "${NOLOCALE:-}" ] && [ -z "${LANGSH_SOURCED:-}" ]; then
  . /etc/profile.d/lang.sh 2>/dev/null
  # avoid propagating LANGSH_SOURCED any further
  unset LANGSH_SOURCED
fi

# Read in our configuration, unless the caller already chose a BOOTUP mode.
if [ -z "${BOOTUP:-}" ]; then
  if [ ! -f /etc/sysconfig/init ]; then
    # No configuration file: use built-in defaults. If this seems confusing,
    # look in /etc/sysconfig/init, or in /usr/doc/initscripts-*/sysconfig.txt
    BOOTUP=color
    RES_COL=60
    # Each of these holds a command line that the echo_* helpers run
    # unquoted to move the cursor or switch colour.
    MOVE_TO_COL="echo -en \\033[${RES_COL}G"
    SETCOLOR_SUCCESS="echo -en \\033[1;32m"
    SETCOLOR_FAILURE="echo -en \\033[1;31m"
    SETCOLOR_WARNING="echo -en \\033[1;33m"
    SETCOLOR_NORMAL="echo -en \\033[0;39m"
    LOGLEVEL=1
  else
    # NOTE(review): this file is executed as shell code in the context of
    # every init script; it has to stay writable by root only.
    . /etc/sysconfig/init
  fi

  # On a serial console, drop cursor movement and colour commands.
  if [ "$CONSOLETYPE" = "serial" ]; then
    BOOTUP=serial
    MOVE_TO_COL=
    SETCOLOR_SUCCESS=
    SETCOLOR_FAILURE=
    SETCOLOR_WARNING=
    SETCOLOR_NORMAL=
  fi
fi
# Interpret escape sequences in an fstab entry.
# Arguments: $1 - fstab-encoded string
# Outputs:   whatever "fstab-decode echo" prints for that string
fstab_decode_str() {
  local encoded=$1
  fstab-decode echo "$encoded"
}
# Check if any of $pid (could be plural) are running.
# Arguments: one or more PIDs; a single argument may itself hold several
#            whitespace-separated PIDs
# Returns:   0 as soon as /proc/<pid> exists for one of them, 1 otherwise
# The arguments are not checked for being numeric.
checkpid() {
  local candidate
  # $* is left unquoted on purpose so that "12 34" splits into two PIDs.
  for candidate in $*; do
    if [ -d "/proc/$candidate" ]; then
      return 0
    fi
  done
  return 1
}
# Print the target of the symlink(s) given as arguments.
# The target is taken as the last whitespace-separated field of "ls -bl"
# output, so for a path that is not a symlink the path itself is printed, and
# a target containing blanks is reported only from its last blank onwards.
# Errors from ls are discarded.
__readlink() {
  { ls -bl "$@" 2>/dev/null; } | awk '{ last_field = $NF; print last_field }'
}
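# Print the first line of file $2 that contains $1.
# Arguments: $1 - text to look for; it is matched by strstr, so glob
#                 characters in it act as a pattern rather than literally
#            $2 - file to read
# Outputs:   the matching line on stdout
# Returns:   0 when a line matched, 1 otherwise
__fgrep() {
  # Declared local so the helper no longer overwrites the caller's s, f and
  # line variables.
  local s=$1
  local f=$2
  local line
  # -r keeps backslashes in the file as they are; the "|| [ -n ... ]" part
  # also examines a last line that has no trailing newline.
  while read -r line || [ -n "$line" ]; do
    if strstr "$line" "$s"; then
      # Quoted so that file content is printed as data and is never split or
      # glob-expanded against the current directory.
      printf '%s\n' "$line"
      return 0
    fi
  done < "$f"
  return 1
}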
# __umount_loop awk_program fstab_file first_msg retry_msg retry_umount_args
# Unmount every path that awk_program selects from fstab_file, trying up to
# three times and signalling the processes that keep a path busy in between.
# awk_program should process fstab_file and return a list of fstab-encoded
# paths; it doesn't have to handle comments in fstab_file.
# NOTE(review): awk_program ($1) is spliced into the awk script text, so it
# has to come from the calling init script, never from external input.
__umount_loop() {
  local remaining count
  local sig=
  local retry=3

  remaining=$(LC_ALL=C awk "/^#/ {next} $1" "$2" | sort -r)
  while [ -n "$remaining" ] && [ "$retry" -gt 0 ]; do
    # The first pass uses first_msg; later passes use retry_msg and add the
    # retry umount arguments. $5 and $remaining are word lists and are
    # therefore expanded unquoted.
    if [ "$retry" -ne 3 ]; then
      action "$4" fstab-decode umount $5 $remaining
    else
      action "$3" fstab-decode umount $remaining
    fi

    # Re-read the list, polling up to four more times at 0.5 s intervals
    # while something is still mounted.
    count=4
    remaining=$(LC_ALL=C awk "/^#/ {next} $1" "$2" | sort -r)
    while [ "$count" -gt 0 ] && [ -n "$remaining" ]; do
      count=$((count - 1))
      usleep 500000
      remaining=$(LC_ALL=C awk "/^#/ {next} $1" "$2" | sort -r)
    done
    if [ -z "$remaining" ]; then
      break
    fi

    # Signal whatever fuser reports for the remaining paths; sed removes this
    # shell's own PID from that list. $sig is empty on the first round
    # (kill's default signal) and -9 afterwards.
    kill $sig $(fstab-decode /sbin/fuser -m $remaining 2>/dev/null | sed -e "s/\b$$\b//g") > /dev/null
    sleep 3
    retry=$((retry - 1))
    sig=-9
  done
}
# Similar to __umount_loop above, specialized for loopback devices.
# Mount points and devices are taken from /proc/mounts: every entry whose
# device starts with /dev/loop and whose mount point is not "/".
# NOTE(review): the loop variable "dev" is not declared local and is left set
# in the caller's scope.
__umount_loopback_loop() {
  local remaining devremaining
  local sig=
  local retry=3

  remaining=$(awk '$1 ~ /^\/dev\/loop/ && $2 != "/" {print $2}' /proc/mounts)
  devremaining=$(awk '$1 ~ /^\/dev\/loop/ && $2 != "/" {print $1}' /proc/mounts)
  while [ -n "$remaining" ] && [ "$retry" -gt 0 ]; do
    if [ "$retry" -ne 3 ]; then
      action $"Unmounting loopback filesystems (retry):" \
        fstab-decode umount $remaining
    else
      action $"Unmounting loopback filesystems: " \
        fstab-decode umount $remaining
    fi

    # Detach each loop device that losetup still reports as set up.
    for dev in $devremaining; do
      if losetup $dev > /dev/null 2>&1; then
        action $"Detaching loopback device $dev: " \
          losetup -d $dev
      fi
    done

    remaining=$(awk '$1 ~ /^\/dev\/loop/ && $2 != "/" {print $2}' /proc/mounts)
    devremaining=$(awk '$1 ~ /^\/dev\/loop/ && $2 != "/" {print $1}' /proc/mounts)
    if [ -z "$remaining" ]; then
      break
    fi

    # Let fuser kill the processes still using the mount points; $sig is
    # empty on the first round and -9 afterwards.
    fstab-decode /sbin/fuser -k -m $sig $remaining >/dev/null
    sleep 3
    retry=$((retry - 1))
    sig=-9
  done
}
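# __pids_var_run {program} [pidfile] [binary]
# Set $pid to the PIDs listed in the pid file for {program} that are still
# alive. $pid should be declared local in the caller.
# Arguments: $1 - program name or path; only its basename is used
#            $2 - pid file (default /var/run/<basename>.pid)
#            $3 - optional executable path; when given, a PID is kept only if
#                 /proc/<pid>/exe resolves to exactly this path
# Returns:   LSB exit code for the 'status' action:
#            0 - at least one listed PID qualifies
#            1 - pid file exists but none of its PIDs qualifies
#            3 - no pid file
#            4 - pid file or its directory is not readable
# Without $3, a live PID is accepted whatever program owns it, so a stale pid
# file whose PID has been reused resolves to an unrelated process.
__pids_var_run() {
  local base=${1##*/}
  local pid_file=${2:-/var/run/$base.pid}
  local binary=$3
  local pid_dir
  # Quoted so a pid file path with blanks or glob characters stays one word.
  pid_dir=$(/usr/bin/dirname "$pid_file")

  [ -d "$pid_dir" ] && [ ! -r "$pid_dir" ] && return 4
  pid=
  if [ -f "$pid_file" ]; then
    local p b
    local -a fields
    [ ! -r "$pid_file" ] && return 4 # "user had insufficient privilege"
    while :; do
      # Split the line into words with read itself: no glob expansion against
      # the current directory and no backslash processing, because the file
      # content is data rather than shell input.
      fields=()
      read -r -a fields
      # Stop at end of file or at the first empty line.
      [ "${#fields[@]}" -eq 0 ] && break
      for p in "${fields[@]}"; do
        # Only all-digit words that name a live process are considered.
        if [ -z "${p//[0-9]/}" ] && [ -d "/proc/$p" ]; then
          if [ -n "$binary" ]; then
            # The kernel appends " (deleted)" when the executable was
            # replaced on disk; strip it before comparing.
            b=$(readlink "/proc/$p/exe" | sed -e 's/\s*(deleted)$//')
            [ "$b" != "$binary" ] && continue
          fi
          pid="$pid $p"
        fi
      done
    done < "$pid_file"
    if [ -n "$pid" ]; then
      return 0
    fi
    return 1 # "Program is dead and /var/run pid file exists"
  fi
  return 3 # "Program is not running"
}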
# Output PIDs of matching processes, found using pidof.
# Arguments: $1 - program path or name
# The value is tried as given first and, if pidof reports nothing, again with
# only its basename. $$ and $PPID are passed to -o so that this shell and its
# parent are omitted.
__pids_pidof() {
  if ! pidof -c -m -o $$ -o $PPID -o %PPID -x "$1"; then
    pidof -c -m -o $$ -o $PPID -o %PPID -x "${1##*/}"
  fi
}
# A function to start a program.
# Usage: daemon [+/-nicelevel] [--check[=]base] [--user[=]user]
#               [--pidfile[=]file] [--force] {program} [args...]
# Globals:   reads DAEMON_COREFILE_LIMIT, NICELEVEL, CGROUP_DAEMON, BOOTUP, LSB
# Returns:   0 when the program is already running (and --force was not
#            given) or when the start command succeeded; the status of
#            failure otherwise
# NOTE(review): {program} and its arguments are joined with $* into one
# string that "bash -c" parses again, so quoting done by the caller is lost
# and shell metacharacters in the arguments are interpreted. Only text that
# the init script itself controls should be passed here. $user, $nice and
# $cgroup are expanded unquoted and are therefore split into words.
# NOTE(review): the loop variable "i" is not declared local.
daemon() {
  # Test syntax.
  local gotbase= force= nicelevel corelimit
  local pid base= user= nice= bg= pid_file=
  local cgroup=

  nicelevel=0
  # Consume the leading words that start with '-' or '+'.
  while [ "$1" != "${1##[-+]}" ]; do
    case $1 in
      '')
        echo $"$0: Usage: daemon [+/-nicelevel] {program}"
        return 1
        ;;
      --check)
        base=$2
        gotbase="yes"
        shift 2
        ;;
      --check=?*)
        base=${1#--check=}
        gotbase="yes"
        shift
        ;;
      --user)
        user=$2
        shift 2
        ;;
      --user=?*)
        user=${1#--user=}
        shift
        ;;
      --pidfile)
        pid_file=$2
        shift 2
        ;;
      --pidfile=?*)
        pid_file=${1#--pidfile=}
        shift
        ;;
      --force)
        force="force"
        shift
        ;;
      [-+][0-9]*)
        nice="nice -n $1"
        shift
        ;;
      *)
        echo $"$0: Usage: daemon [+/-nicelevel] {program}"
        return 1
        ;;
    esac
  done

  # Save basename.
  if [ -z "$gotbase" ]; then
    base=${1##*/}
  fi

  # See if it's already running. Look *only* at the pid file.
  __pids_var_run "$base" "$pid_file"
  if [ -n "$pid" ] && [ -z "$force" ]; then
    return
  fi

  # make sure it doesn't core dump anywhere unless requested
  corelimit="ulimit -S -c ${DAEMON_COREFILE_LIMIT:-0}"

  # if they set NICELEVEL in /etc/sysconfig/foo, honor it
  if [ -n "${NICELEVEL:-}" ]; then
    nice="nice -n $NICELEVEL"
  fi

  # if they set CGROUP_DAEMON in /etc/sysconfig/foo, honor it
  if [ -n "${CGROUP_DAEMON}" ]; then
    if [ -x /bin/cgexec ]; then
      cgroup="/bin/cgexec"
      for i in $CGROUP_DAEMON; do
        cgroup="$cgroup -g $i"
      done
    else
      echo -n "Cgroups not installed"
      warning
      echo
    fi
  fi

  # Echo daemon
  if [ "${BOOTUP:-}" = "verbose" ] && [ -z "${LSB:-}" ]; then
    echo -n " $base"
  fi

  # And start it up, either as the current user or through runuser.
  if [ -n "$user" ]; then
    $cgroup $nice runuser -s /bin/bash $user -c "$corelimit >/dev/null 2>&1 ; $*"
  else
    $cgroup $nice /bin/bash -c "$corelimit >/dev/null 2>&1 ; $*"
  fi
  if [ "$?" -eq 0 ]; then
    success $"$base startup"
  else
    failure $"$base startup"
  fi
}
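# A function to stop a program.
# Usage: killproc [-p pidfile] [-b binary] [-d delay] {program} [-signal]
#   -p pidfile  read PIDs only from this pid file
#   -b binary   with -p: only signal PIDs whose /proc/<pid>/exe is this path
#   -d delay    how long to wait after TERM before sending KILL; numbers with
#               an optional s/m/h/d suffix (default 3 seconds)
#   -signal     send just this signal instead of the TERM-then-KILL sequence
# Returns:   with no explicit signal, 0 when the processes are gone and 1
#            when they survived; with an explicit signal, the status of kill
#            (7 under LSB when nothing is running); 4 when the pid file
#            could not be read; 1 on a usage error
# The pid file is removed whenever no explicit signal was requested.
# NOTE(review): the PIDs come from the pid file (or pidof) and are signalled
# with the caller's privileges. Without -b there is no check that a PID from
# the pid file still belongs to {program}.
killproc() {
  local RC killlevel= base pid pid_file= delay try binary=

  RC=0
  delay=3
  try=0
  # Test syntax.
  if [ "$#" -eq 0 ]; then
    echo $"Usage: killproc [-p pidfile] [ -d delay] {program} [-signal]"
    return 1
  fi
  if [ "$1" = "-p" ]; then
    pid_file=$2
    shift 2
  fi
  if [ "$1" = "-b" ]; then
    # Quoted: left unquoted, a pid file path containing blanks makes "["
    # fail with a syntax error instead of testing the value.
    if [ -z "$pid_file" ]; then
      echo $"-b option can be used only with -p"
      echo $"Usage: killproc -p pidfile -b binary program"
      return 1
    fi
    binary=$2
    shift 2
  fi
  if [ "$1" = "-d" ]; then
    # Convert "<n>[smhd] ..." into whole seconds; awk exits 1 on bad input.
    # $2 is unquoted on purpose so runs of blanks collapse before awk splits
    # the records on single spaces.
    delay=$(echo $2 | awk -v RS=' ' -v IGNORECASE=1 '{if($1!~/^[0-9.]+[smhd]?$/) exit 1;d=$1~/s$|^[0-9.]*$/?1:$1~/m$/?60:$1~/h$/?60*60:$1~/d$/?24*60*60:-1;if(d==-1) exit 1;delay+=d*$1} END {printf("%d",delay+0.5)}')
    if [ "$?" -eq 1 ]; then
      echo $"Usage: killproc [-p pidfile] [ -d delay] {program} [-signal]"
      return 1
    fi
    shift 2
  fi

  # check for second arg to be kill level
  if [ -n "${2:-}" ]; then
    killlevel=$2
  fi

  # Save basename.
  base=${1##*/}

  # Find pid: pid file first; pidof only when no pid file was named.
  __pids_var_run "$1" "$pid_file" "$binary"
  RC=$?
  if [ -z "$pid" ]; then
    if [ -z "$pid_file" ]; then
      pid="$(__pids_pidof "$1")"
    elif [ "$RC" = "4" ]; then
      failure $"$base shutdown"
      return $RC
    fi
  fi

  # Kill it. $pid may hold several PIDs and is expanded unquoted.
  if [ -n "$pid" ]; then
    if [ "$BOOTUP" = "verbose" ] && [ -z "${LSB:-}" ]; then
      echo -n "$base "
    fi
    if [ -z "$killlevel" ]; then
      if checkpid $pid 2>&1; then
        # TERM first, then KILL if not dead
        kill -TERM $pid >/dev/null 2>&1
        usleep 100000
        if checkpid $pid; then
          try=0
          while [ $try -lt $delay ]; do
            checkpid $pid || break
            sleep 1
            try=$((try + 1))
          done
          if checkpid $pid; then
            kill -KILL $pid >/dev/null 2>&1
            usleep 100000
          fi
        fi
      fi
      checkpid $pid
      RC=$?
      # checkpid returning 0 means something is still alive.
      if [ "$RC" -eq 0 ]; then
        failure $"$base shutdown"
      else
        success $"$base shutdown"
      fi
      RC=$((! $RC))
    # use specified level only
    else
      if checkpid $pid; then
        kill $killlevel $pid >/dev/null 2>&1
        RC=$?
        if [ "$RC" -eq 0 ]; then
          success $"$base $killlevel"
        else
          failure $"$base $killlevel"
        fi
      elif [ -n "${LSB:-}" ]; then
        RC=7 # Program is not running
      fi
    fi
  else
    if [ -n "${LSB:-}" ] && [ -n "$killlevel" ]; then
      RC=7 # Program is not running
    else
      failure $"$base shutdown"
      RC=0
    fi
  fi

  # Remove pid file if any.
  if [ -z "$killlevel" ]; then
    rm -f "${pid_file:-/var/run/$base.pid}"
  fi
  return $RC
}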
# A function to find the pid of a program. Looks *only* at the pidfile
# Arguments: $1 - program name or path
# Outputs:   the live PIDs from the program's default pid file, if any
# Returns:   1 on a usage error, 0 otherwise (also when nothing was found)
pidfileofproc() {
  local pid

  # Test syntax.
  case $# in
    0)
      echo $"Usage: pidfileofproc {program}"
      return 1
      ;;
  esac

  __pids_var_run "$1"
  if [ -n "$pid" ]; then
    # Unquoted so the leading blank in $pid is dropped.
    echo $pid
  fi
  return 0
}
# A function to find the pid of a program.
# Usage: pidofproc [-p pidfile] {program}
# Outputs:   the PIDs found
# Returns:   0 when a PID was printed; otherwise the code __pids_var_run
#            returned for the pid file; 1 on a usage error
# pidof is consulted only when no -p pidfile was given.
# NOTE(review): fail_code is assigned without "local" and is not read again
# in this function.
pidofproc() {
  local RC pid pid_file=

  # Test syntax.
  case $# in
    0)
      echo $"Usage: pidofproc [-p pidfile] {program}"
      return 1
      ;;
  esac
  if [ "$1" = "-p" ]; then
    pid_file=$2
    shift 2
  fi
  fail_code=3 # "Program is not running"

  # First try "/var/run/*.pid" files
  __pids_var_run "$1" "$pid_file"
  RC=$?
  if [ -n "$pid" ]; then
    echo $pid
    return 0
  fi

  if [ -n "$pid_file" ]; then
    return $RC
  fi
  if ! __pids_pidof "$1"; then
    return $RC
  fi
}
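# Report whether a program is running.
# Usage: status [-p pidfile] [-l lockfile] [-b binary] {program}
#   -p pidfile   read PIDs only from this pid file
#   -l lockfile  name under /var/lock/subsys to check (default: basename)
#   -b binary    with -p: only count PIDs whose /proc/<pid>/exe is this path
# Outputs:   one status line on stdout
# Returns:   0 running, 1 dead but pid file exists, 2 dead but subsys
#            locked, 3 stopped, 4 status unknown (insufficient privileges);
#            1 on a usage error
# NOTE(review): RC is assigned without "local" and stays set in the caller.
status() {
  local base pid lock_file= pid_file= binary=

  # Test syntax.
  if [ "$#" = 0 ]; then
    echo $"Usage: status [-p pidfile] {program}"
    return 1
  fi
  if [ "$1" = "-p" ]; then
    pid_file=$2
    shift 2
  fi
  if [ "$1" = "-l" ]; then
    lock_file=$2
    shift 2
  fi
  if [ "$1" = "-b" ]; then
    # Quoted: left unquoted, a pid file path containing blanks makes "["
    # fail with a syntax error instead of testing the value.
    if [ -z "$pid_file" ]; then
      echo $"-b option can be used only with -p"
      echo $"Usage: status -p pidfile -b binary program"
      return 1
    fi
    binary=$2
    shift 2
  fi
  base=${1##*/}

  # First try the pid file; fall back to pidof only when no -p was given.
  __pids_var_run "$1" "$pid_file" "$binary"
  RC=$?
  if [ -z "$pid_file" ] && [ -z "$pid" ]; then
    pid="$(__pids_pidof "$1")"
  fi
  if [ -n "$pid" ]; then
    echo $"${base} (pid $pid) is running..."
    return 0
  fi

  case "$RC" in
    0)
      echo $"${base} (pid $pid) is running..."
      return 0
      ;;
    1)
      echo $"${base} dead but pid file exists"
      return 1
      ;;
    4)
      echo $"${base} status unknown due to insufficient privileges."
      return 4
      ;;
  esac

  if [ -z "${lock_file}" ]; then
    lock_file=${base}
  fi
  # See if /var/lock/subsys/${lock_file} exists
  if [ -f "/var/lock/subsys/${lock_file}" ]; then
    echo $"${base} dead but subsys locked"
    return 2
  fi
  echo $"${base} is stopped"
  return 3
}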
# Print the bracketed success marker followed by a carriage return.
# In "color" BOOTUP mode the commands stored in MOVE_TO_COL, SETCOLOR_SUCCESS
# and SETCOLOR_NORMAL are run (unquoted, so they split into words) around it.
# Returns:   0
echo_success() {
  if [ "$BOOTUP" = "color" ]; then $MOVE_TO_COL; fi
  printf '%s' "["
  if [ "$BOOTUP" = "color" ]; then $SETCOLOR_SUCCESS; fi
  printf '%s' $" OK "
  if [ "$BOOTUP" = "color" ]; then $SETCOLOR_NORMAL; fi
  printf '%s\r' "]"
  return 0
}
# Print the bracketed failure marker followed by a carriage return.
# In "color" BOOTUP mode the commands stored in MOVE_TO_COL, SETCOLOR_FAILURE
# and SETCOLOR_NORMAL are run (unquoted, so they split into words) around it.
# Returns:   1
echo_failure() {
  if [ "$BOOTUP" = "color" ]; then $MOVE_TO_COL; fi
  printf '%s' "["
  if [ "$BOOTUP" = "color" ]; then $SETCOLOR_FAILURE; fi
  printf '%s' $"FAILED"
  if [ "$BOOTUP" = "color" ]; then $SETCOLOR_NORMAL; fi
  printf '%s\r' "]"
  return 1
}
# Print the bracketed "passed" marker followed by a carriage return.
# In "color" BOOTUP mode the commands stored in MOVE_TO_COL, SETCOLOR_WARNING
# and SETCOLOR_NORMAL are run (unquoted, so they split into words) around it.
# Returns:   1
echo_passed() {
  if [ "$BOOTUP" = "color" ]; then $MOVE_TO_COL; fi
  printf '%s' "["
  if [ "$BOOTUP" = "color" ]; then $SETCOLOR_WARNING; fi
  printf '%s' $"PASSED"
  if [ "$BOOTUP" = "color" ]; then $SETCOLOR_NORMAL; fi
  printf '%s\r' "]"
  return 1
}
# Print the bracketed warning marker followed by a carriage return.
# In "color" BOOTUP mode the commands stored in MOVE_TO_COL, SETCOLOR_WARNING
# and SETCOLOR_NORMAL are run (unquoted, so they split into words) around it.
# Returns:   1
echo_warning() {
  if [ "$BOOTUP" = "color" ]; then $MOVE_TO_COL; fi
  printf '%s' "["
  if [ "$BOOTUP" = "color" ]; then $SETCOLOR_WARNING; fi
  printf '%s' $"WARNING"
  if [ "$BOOTUP" = "color" ]; then $SETCOLOR_NORMAL; fi
  printf '%s\r' "]"
  return 1
}
# Inform the graphical boot of our current state.
# Arguments: $1 - stage name handed to "plymouth --update"
# Returns:   0, whether or not plymouth is installed or succeeded
update_boot_stage() {
  [ -x /bin/plymouth ] && /bin/plymouth --update="$1"
  return 0
}
# Log that something succeeded.
# The marker is printed unless BOOTUP is "verbose" or LSB is set.
# Returns:   0
success() {
  if [ "$BOOTUP" != "verbose" ] && [ -z "${LSB:-}" ]; then
    echo_success
  fi
  return 0
}
# Log that something failed.
# The marker is printed unless BOOTUP is "verbose" or LSB is set; when
# /bin/plymouth is installed it is asked to show details.
# Returns:   the exit status that was current when failure was called
failure() {
  # Must stay the first statement: it captures the caller's $?.
  local rc=$?
  if [ "$BOOTUP" != "verbose" ] && [ -z "${LSB:-}" ]; then
    echo_failure
  fi
  if [ -x /bin/plymouth ]; then
    /bin/plymouth --details
  fi
  return $rc
}
# Log that something passed, but may have had errors. Useful for fsck
# The marker is printed unless BOOTUP is "verbose" or LSB is set.
# Returns:   the exit status that was current when passed was called
passed() {
  # Must stay the first statement: it captures the caller's $?.
  local rc=$?
  if [ "$BOOTUP" != "verbose" ] && [ -z "${LSB:-}" ]; then
    echo_passed
  fi
  return $rc
}
# Log a warning.
# The marker is printed unless BOOTUP is "verbose" or LSB is set.
# Returns:   the exit status that was current when warning was called
warning() {
  # Must stay the first statement: it captures the caller's $?.
  local rc=$?
  if [ "$BOOTUP" != "verbose" ] && [ -z "${LSB:-}" ]; then
    echo_warning
  fi
  return $rc
}
# Run some action. Log its output.
# Arguments: $1 - message printed before the command runs
#            $2... - the command and its arguments, run as given
# Returns:   0 when the command succeeded, otherwise what failure returns
#            (failure is entered with the command's exit status in $?)
action() {
  local STRING rc

  STRING=$1
  echo -n "$STRING "
  shift
  if "$@"; then
    success $"$STRING"
  else
    failure $"$STRING"
  fi
  rc=$?
  echo
  return $rc
}
# Run some action. Silently.
# Same as action, except that the command's stdout is discarded.
# Arguments: $1 - message printed before the command runs
#            $2... - the command and its arguments, run as given
# Returns:   0 when the command succeeded, otherwise what failure returns
action_silent() {
  local STRING rc

  STRING=$1
  echo -n "$STRING "
  shift
  if "$@" >/dev/null; then
    success $"$STRING"
  else
    failure $"$STRING"
  fi
  rc=$?
  echo
  return $rc
}
# returns OK if $1 contains $2
# Arguments: $1 - string to search in
#            $2 - text to search for
# Returns:   0 when found, 1 otherwise (also when $2 is empty)
# $2 is expanded unquoted inside the pattern, so glob characters in it
# (*, ?, [...]) act as wildcards rather than literal text. Callers that pass
# externally supplied text as $2 get pattern matching, not a substring test.
strstr() {
  if [ "${1#*$2*}" != "$1" ]; then
    return 0
  fi
  return 1
}
# Confirm whether we really want to run this service.
# Arguments: $1 - service name shown in the prompt
# Returns:   0 for yes, 1 for no, 2 for "continue" (which also removes
#            /var/run/confirm)
# An empty reply counts as yes; because read leaves the variable empty at end
# of input, a closed stdin is answered with yes as well.
# NOTE(review): "answer" is not declared local, and the reply is used as the
# pattern argument of strstr.
confirm() {
  if [ -x /bin/plymouth ]; then
    /bin/plymouth --hide-splash
  fi
  while :; do
    echo -n $"Start service $1 (Y)es/(N)o/(C)ontinue? [Y] "
    read answer
    if strstr $"yY" "$answer" || [ -z "$answer" ]; then
      return 0
    fi
    if strstr $"cC" "$answer"; then
      rm -f /var/run/confirm
      [ -x /bin/plymouth ] && /bin/plymouth --show-splash
      return 2
    fi
    if strstr $"nN" "$answer"; then
      return 1
    fi
    # Anything else: ask again.
  done
}
# resolve a device node to its major:minor numbers in decimal or hex
# Arguments: $1 - "hex" for hexadecimal output, anything else for decimal
#            $2 - path of the device node (symlinks are followed by ls -H)
# Outputs:   "major:minor", or nothing when the path cannot be listed
# The numbers are read from the fifth and sixth fields of "ls -lH"; all
# error output is discarded.
get_numeric_dev() {
  local fmt="%d:%d"
  if [ "$1" == "hex" ]; then
    fmt="%x:%x"
  fi
  ls -lH "$2" 2>/dev/null \
    | awk -v fmt="$fmt" '{ sub(/,/, "", $5); printf(fmt, $5, $6); }' 2>/dev/null
}
# Check whether file $1 is a backup or rpm-generated file and should be ignored
# Returns:   0 when the name ends in ~, .bak, .orig, .rpmnew, .rpmorig or
#            .rpmsave; 1 otherwise
is_ignored_file() {
  case "$1" in
    *~ | *.bak | *.orig | *.rpmnew | *.rpmorig | *.rpmsave)
      return 0
      ;;
    *)
      return 1
      ;;
  esac
}
# Evaluate shvar-style booleans
# Returns:   0 when $1 is t, y, yes or true in any letter case; 1 otherwise
is_true() {
  case "$1" in
    [tT] | [yY] | [yY][eE][sS] | [tT][rR][uU][eE])
      return 0
      ;;
    *)
      return 1
      ;;
  esac
}
# Evaluate shvar-style booleans
# Returns:   0 when $1 is f, n, no or false in any letter case; 1 otherwise
is_false() {
  case "$1" in
    [fF] | [nN] | [nN][oO] | [fF][aA][lL][sS][eE])
      return 0
      ;;
    *)
      return 1
      ;;
  esac
}
# Apply sysctl settings, including files in /etc/sysctl.d
# /etc/sysctl.conf is loaded first, then every regular file in /etc/sysctl.d
# that is_ignored_file does not reject. All sysctl output is discarded, so a
# setting that failed to apply is not reported.
# NOTE(review): the loop variable "file" is not declared local.
apply_sysctl() {
  sysctl -e -p /etc/sysctl.conf >/dev/null 2>&1
  for file in /etc/sysctl.d/*; do
    if is_ignored_file "$file"; then
      continue
    fi
    [ -f "$file" ] && sysctl -e -p "$file" >/dev/null 2>&1
  done
}
# Tell whether a crypttab key field names one of the random devices.
# Returns:   0 when $1 is /dev/urandom, /dev/hw_random or /dev/random;
#            1 otherwise
key_is_random() {
  case "$1" in
    /dev/urandom | /dev/hw_random | /dev/random)
      return 0
      ;;
  esac
  return 1
}
# Print the mount point that /etc/fstab lists for /dev/mapper/$1.
# Arguments: $1 - device-mapper name
# Outputs:   the second fstab field of the first matching entry; nothing
#            when there is no match
find_crypto_mount_point() {
  local fs_spec fs_file fs_vfstype remaining_fields
  local fs
  local wanted="/dev/mapper/$1"

  while read fs_spec fs_file remaining_fields; do
    if [ "$fs_spec" = "$wanted" ]; then
      echo $fs_file
      break
    fi
  done < /etc/fstab
}
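# Set up the encrypted block devices listed in /etc/crypttab.
# Because of a chicken/egg problem, init_crypto must be run twice. /var may be
# encrypted but /var/lib/random-seed is needed to initialize swap.
# Arguments: $1 - 0 to skip entries whose key is a random device (see
#                 key_is_random); any other value processes them
# Returns:   0 when no entry failed; 1 when an entry was skipped because of
#            a missing key file, an option without a value, a random key on a
#            LUKS device, or a failing cryptsetup call
# NOTE(review): a key file with group/other permission bits set, or one not
# owned by root, only produces an "INSECURE ..." message; the key is still
# used. Treat those messages as findings when auditing boot logs.
init_crypto() {
  local have_random dst src key opt mode owner params makeswap skip arg
  local param value rc ret mke2fs mdir prompt mount_point
  # Previously leaked into the caller's scope.
  local devesc d

  ret=0
  have_random=$1
  # Fields: mapping name, source device, key file, comma-separated options.
  while read dst src key opt; do
    # Skip blank lines and comments.
    [ -z "$dst" -o "${dst#\#}" != "$dst" ] && continue
    # Skip mappings that already exist.
    [ -b "/dev/mapper/$dst" ] && continue
    if [ "$have_random" = 0 ] && key_is_random "$key"; then
      continue
    fi
    if [ -n "$key" -a "x$key" != "xnone" ]; then
      if test -e "$key"; then
        # Third field of "ls -l" is the owner. "$key" is quoted so a path
        # with glob characters is listed as the file it names.
        owner=$(ls -l "$key" | (read a b owner rest; echo $owner))
        if ! key_is_random "$key"; then
          # Characters 5-10 of the mode string are the group and other
          # permission bits; all of them must be unset.
          mode=$(ls -l "$key" | cut -c 5-10)
          if [ "$mode" != "------" ]; then
            echo $"INSECURE MODE FOR $key"
          fi
        fi
        if [ "$owner" != root ]; then
          echo $"INSECURE OWNER FOR $key"
        fi
      else
        echo $"Key file for $dst not found, skipping"
        ret=1
        continue
      fi
    else
      key=""
    fi
    params=""
    makeswap=""
    mke2fs=""
    skip=""
    # Parse the src field for UUID= and convert to real device names
    # NOTE(review): in ${var/pattern} the "^" is an ordinary character, so
    # the elif below only fires when src literally contains
    # "^/dev/disk/by-uuid/". by-uuid paths therefore reach the -b test
    # unchanged, which follows the symlink.
    if [ "${src%%=*}" == "UUID" ]; then
      src=$(/sbin/blkid -t "$src" -l -o device)
    elif [ "${src/^\/dev\/disk\/by-uuid\/}" != "$src" ]; then
      src=$(__readlink "$src")
    fi
    # Is it a block device?
    [ -b "$src" ] || continue
    # Is it already a device mapper slave? (this is gross)
    devesc=${src##/dev/}
    devesc=${devesc//\//!}
    for d in /sys/block/dm-*/slaves; do
      [ -e "$d/$devesc" ] && continue 2
    done
    # Parse the options field, convert to cryptsetup parameters and
    # construct the command line
    while [ -n "$opt" ]; do
      arg=${opt%%,*}
      opt=${opt##$arg}
      opt=${opt##,}
      param=${arg%%=*}
      value=${arg##$param=}

      case "$param" in
        cipher)
          params="$params -c $value"
          if [ -z "$value" ]; then
            echo $"$dst: no value for cipher option, skipping"
            skip="yes"
          fi
          ;;
        size)
          params="$params -s $value"
          if [ -z "$value" ]; then
            echo $"$dst: no value for size option, skipping"
            skip="yes"
          fi
          ;;
        hash)
          params="$params -h $value"
          if [ -z "$value" ]; then
            echo $"$dst: no value for hash option, skipping"
            skip="yes"
          fi
          ;;
        verify)
          params="$params -y"
          ;;
        swap)
          makeswap=yes
          ;;
        tmp)
          mke2fs=yes
          ;;
      esac
    done
    if [ "$skip" = "yes" ]; then
      ret=1
      continue
    fi
    if [ -z "$makeswap" ] && cryptsetup isLuks "$src" 2>/dev/null; then
      if key_is_random "$key"; then
        echo $"$dst: LUKS requires non-random key, skipping"
        ret=1
        continue
      fi
      if [ -n "$params" ]; then
        echo "$dst: options are invalid for LUKS partitions," \
          "ignoring them"
      fi
      if [ -n "$key" ]; then
        /sbin/cryptsetup -d "$key" luksOpen "$src" "$dst" <&1 2>/dev/null && success || failure
        rc=$?
      else
        mount_point="$(find_crypto_mount_point "$dst")"
        [ -n "$mount_point" ] || mount_point=${src##*/}
        prompt=$(printf $"%s is password protected" "$mount_point")
        if [ -x /usr/bin/plymouth ]; then
          # The command is handed to plymouth as one string, so $src and
          # $dst cannot be quoted individually here.
          plymouth ask-for-password --prompt "$prompt" --command="/sbin/cryptsetup luksOpen -T1 $src $dst" <&1
        else
          /sbin/cryptsetup luksOpen -T1 --key-file=- "$src" "$dst"
        fi
        rc=$?
      fi
    else
      [ -z "$key" ] && [ -x /usr/bin/plymouth ] && plymouth --hide-splash
      # $params and the ${key:+...} expansion are word lists and stay
      # unquoted.
      /sbin/cryptsetup $params ${key:+-d $key} create "$dst" "$src" <&1 2>/dev/null && success || failure
      rc=$?
      [ -z "$key" ] && [ -x /usr/bin/plymouth ] && plymouth --show-splash
    fi
    if [ $rc -ne 0 ]; then
      ret=1
      continue
    fi
    if [ -b "/dev/mapper/$dst" ]; then
      if [ "$makeswap" = "yes" ]; then
        mkswap "/dev/mapper/$dst" 2>/dev/null >/dev/null
      fi
      if [ "$mke2fs" = "yes" ]; then
        # Create the filesystem, then mount it briefly on a fresh mktemp
        # directory to make its root world-writable with the sticky bit.
        if mke2fs "/dev/mapper/$dst" 2>/dev/null >/dev/null \
          && mdir=$(mktemp -d /tmp/mountXXXXXX); then
          mount "/dev/mapper/$dst" "$mdir" && chmod 1777 "$mdir"
          umount "$mdir"
          rmdir "$mdir"
        fi
      fi
    fi
  done < /etc/crypttab
  return $ret
}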
# A sed expression to filter out the files that is_ignored_file recognizes
__sed_discard_ignored_files='/\(~\|\.bak\|\.orig\|\.rpmnew\|\.rpmorig\|\.rpmsave\)$/d'

# Boot-time debugging: when the kernel command line contains "rc.debug",
# trace every command from here on. If we have privileges the trace is sent
# to /dev/kmsg through file descriptor 30, otherwise it goes to stderr.
# NOTE(review): xtrace prints expanded arguments, so values handled by init
# scripts can end up in the kernel log while rc.debug is set.
if strstr "$(cat /proc/cmdline)" "rc.debug"; then
  if [ -w /dev/kmsg ] && exec 30>/dev/kmsg; then
    BASH_XTRACEFD=30
  fi
  set -x
fi